Packages

Express.js middleware collection that sets security-related HTTP headers. A collection of 15 smaller middlewares bundled together: Content-Security-Policy (CSP), Strict-Transport-Security (HSTS), X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy, Cross-Origin headers, and more. A one-line addition (app.use(helmet())) provides baseline HTTP security hardening against common web vulnerabilities. Works with Express, Fastify, and other Node.js frameworks.

Intervals.icu MCP server enabling AI agents to access Intervals.icu athletic training data — fetching workout history, analyzing training load and fitness metrics (ATL, CTL, TSS), accessing power and heart rate data, and integrating Intervals.icu's cycling and endurance sport analytics into agent-driven training analysis workflows.

Full-featured PHP web framework providing Eloquent ORM, Artisan CLI scaffolding, Blade templating, a service container for dependency injection, and first-party packages for queues, broadcasting, and authentication.

MCP server for LibreNMS — the popular open-source auto-discovering network monitoring system. Enables AI agents to query LibreNMS for device status, SNMP data, port statistics, alerts, and network topology — supporting AI-driven network operations, troubleshooting, and capacity planning workflows.

API mocking library that intercepts HTTP requests at the network level using Service Workers (browser) or native Node.js interceptors. MSW mocks work identically in browser and Node.js without changing application code — no dependency injection or adapter patterns needed. Define request handlers once, use them in development (browser), integration tests (Node.js/Vitest/Jest), and E2E tests (Playwright/Cypress). Considered the gold standard for frontend API mocking.

Developer-focused email sending API with powerful routing, parsing, and validation features for transactional email delivery.

HTML and XML parsing library for Ruby — the standard Ruby library for parsing, querying, and modifying HTML/XML documents. Nokogiri wraps libxml2 and libgumbo (HTML5 parser) for fast, standards-compliant parsing. Key APIs: Nokogiri::HTML5(html_string) for HTML5 parsing, Nokogiri::XML(xml_string) for XML, CSS selectors (doc.css('div.agent-card')), XPath (doc.xpath('//agent[@status="active"]')), text extraction (.text), attribute access (.attr('href')), and document modification. Used for web scraping agent tools, parsing HTML email content, processing RSS/Atom feeds, extracting agent knowledge from web pages, and XML API response handling.

MCP server for OpenCTI — an open-source threat intelligence platform for storing, analyzing, and sharing cyber threat intelligence. Enables AI agents to query threat indicators, retrieve threat actor profiles, search IOCs (Indicators of Compromise), and interact with OpenCTI's knowledge graph for AI-assisted threat analysis and SOC workflows.

AWS-maintained Apache 2.0 fork of Elasticsearch 7.10 providing distributed full-text search, vector/kNN search, and analytics via a REST API compatible with Elasticsearch tooling.

Perplexity AI MCP server enabling AI agents to access Perplexity's AI-powered search — querying Perplexity Sonar API for real-time web search with citations, getting AI-synthesized answers with source references, and integrating Perplexity's search-augmented LLM into agent-driven research and fact-checking workflows.

Performant, flexible React form library using uncontrolled components and ref-based state. React Hook Form (RHF) avoids re-rendering on every keystroke by using the DOM's native uncontrolled inputs rather than React state, making it significantly faster than Formik for large forms. Integrates natively with Zod, Valibot, ArkType, and Yup via @hookform/resolvers for schema validation. The standard form library for modern React applications.

Swift linting and style enforcement tool — enforces Swift style guide rules, catches common bugs, and maintains code quality. SwiftLint runs as Xcode build phase script or CLI. Configuration via .swiftlint.yml: disabled_rules, opt_in_rules, included/excluded paths, rule-specific configuration (line_length: 120). Rules: style (trailing_whitespace, colon, opening_brace), idiomatic (force_cast, force_try, implicitly_unwrapped_optional), metrics (function_body_length, file_length), lint (unused_import, unused_closure_parameter). Xcode integration shows warnings/errors inline. Supports SwiftFormat integration and custom regex rules. Essential for consistent agent iOS codebase.

Framework-agnostic server state management library providing useQuery, useMutation, and useInfiniteQuery hooks with stale-while-revalidate caching, QueryClient cache invalidation, and optimistic updates for React, Vue, Svelte, and Angular.

MCP server for VictoriaMetrics anomaly detection (vmanomaly) — the ML-powered anomaly detection component for VictoriaMetrics time-series database. Enables AI agents to query anomaly scores, configure detection models, and integrate ML-based anomaly detection into operations monitoring workflows.

Java library for producing RFC 7807 Problem Details for HTTP APIs — the IETF standard for machine-readable error responses. Problem Details format: JSON object with 'type' (URI identifying error type), 'title' (human-readable summary), 'status' (HTTP status code), 'detail' (human-readable explanation), and 'instance' (URI for specific occurrence). Zalando Problem library provides: Problem interface and ThrowableProblem (exceptions as Problems), Jackson serialization, Spring MVC and Spring WebFlux integration via problem-spring-web, and Spring Boot auto-configuration. Enables consistent error responses across all agent API endpoints without custom exception mapper boilerplate.

Async file I/O library for Python's asyncio. Wraps standard Python file operations (open, read, write, close) in asyncio-compatible coroutines so they don't block the event loop. Essential for async Python applications (FastAPI, aiohttp, Starlette) that need to read/write files without freezing the event loop. Uses thread pool executors under the hood to offload blocking file operations.

Enhanced error reporting library for Rust with colorized terminal output, backtraces, spantrace (tracing context), and custom sections in error reports. Built on eyre (the anyhow alternative). Provides the install() hook that replaces the default Rust panic handler with a beautiful, colored diagnostic. Used in CLI tools and applications where error messages need to be human-readable.

Simple, configurable logging backend for Rust's log crate that reads the RUST_LOG environment variable to set log levels per module. The de facto standard for CLI tools and simple applications. Zero-config startup: RUST_LOG=debug cargo run enables debug logging. Formats output to stderr with timestamps and module path.

Extremely fast JavaScript and TypeScript bundler/compiler written in Go. 10-100x faster than Webpack and Rollup. Bundles, minifies, and transforms TypeScript/JSX to JavaScript. Used as the core of Vite's dev server, Bun's bundler, and many build tool chains. Also available as a library via its JavaScript/Go API for programmatic bundling.

English word pluralization/singularization library. Converts English words between singular and plural forms using a comprehensive rule set with irregular word handling. Includes count-aware pluralization (plural(word, count)), singularization, and irregular word registration. Used in code generation, API response formatting, NLP preprocessing, and UI text that shows counts ('1 item' vs '5 items').